Filers vulnerable to NTP Reflection Attack
2014-02-04 11:09 AM
Our filers have been used in a large scale NTP reflection attack. I can not find any documentation on how to restrict or turn off monlist queries. options.timed doesn't seem to handle that part of the config
Any one have ideas?
Solved! SEE THE SOLUTION
Re: Filers vulnerable to NTP Reflection Attack
2014-02-12 10:32 AM
Paraphrased from my support case,
Due to the way ONTAP works, there is no ntp.conf file and so the fix will have to be an ONTAP patch.
As a workaround either disable NTP until a fix is released, or block port 123/udp with a firewall.